CVE-2026-32014
Severity: HIGH
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect metadata to bypass platform-based node command policies and gain access to restricted commands.
Analysis
A metadata spoofing vulnerability in OpenClaw allows attackers with paired node identities on the trusted network to bypass platform-based node command policies by manipulating unsigned reconnect platform and deviceFamily fields. This authentication bypass vulnerability affects OpenClaw versions prior to 2026.2.26 and enables unauthorized access to restricted commands with high impact on confidentiality, integrity, and availability (CVSS 8.0). …
Remediation
Within 24 hours: Inventory all OpenClaw deployments and identify systems running versions prior to 2026.2.26; restrict network access to OpenClaw nodes to essential personnel only. Within 7 days: Implement enhanced monitoring and logging of reconnect platform and deviceFamily field changes; conduct access review of privileged node identities. …
References
GHSA-r65x-2hqr-j5hf